lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6706839620038_1cca31294cf@willemb.c.googlers.com.notmuch>
Date: Wed, 09 Oct 2024 09:22:30 -0400
From: Willem de Bruijn <willemdebruijn.kernel@...il.com>
To: Jason Xing <kerneljasonxing@...il.com>, 
 Willem de Bruijn <willemdebruijn.kernel@...il.com>
Cc: davem@...emloft.net, 
 edumazet@...gle.com, 
 kuba@...nel.org, 
 pabeni@...hat.com, 
 dsahern@...nel.org, 
 willemb@...gle.com, 
 ast@...nel.org, 
 daniel@...earbox.net, 
 andrii@...nel.org, 
 martin.lau@...ux.dev, 
 eddyz87@...il.com, 
 song@...nel.org, 
 yonghong.song@...ux.dev, 
 john.fastabend@...il.com, 
 kpsingh@...nel.org, 
 sdf@...ichev.me, 
 haoluo@...gle.com, 
 jolsa@...nel.org, 
 bpf@...r.kernel.org, 
 netdev@...r.kernel.org, 
 Jason Xing <kernelxing@...cent.com>
Subject: Re: [PATCH net-next 1/9] net-timestamp: add bpf infrastructure to
 allow exposing more information later

Jason Xing wrote:
> On Wed, Oct 9, 2024 at 2:45 AM Willem de Bruijn
> <willemdebruijn.kernel@...il.com> wrote:
> >
> > Jason Xing wrote:
> > > From: Jason Xing <kernelxing@...cent.com>
> > >
> > > Implement basic codes so that we later can easily add each tx points.
> > > Introducing BPF_SOCK_OPS_ALL_CB_FLAGS used as a test statement can help use
> > > control whether to output or not.
> > >
> > > Signed-off-by: Jason Xing <kernelxing@...cent.com>
> > > ---
> > >  include/uapi/linux/bpf.h       |  5 ++++-
> > >  net/core/skbuff.c              | 18 ++++++++++++++++++
> > >  tools/include/uapi/linux/bpf.h |  5 ++++-
> > >  3 files changed, 26 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> > > index c6cd7c7aeeee..157e139ed6fc 100644
> > > --- a/include/uapi/linux/bpf.h
> > > +++ b/include/uapi/linux/bpf.h
> > > @@ -6900,8 +6900,11 @@ enum {
> > >        * options first before the BPF program does.
> > >        */
> > >       BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG = (1<<6),
> > > +     /* Call bpf when the kernel is generating tx timestamps.
> > > +      */
> > > +     BPF_SOCK_OPS_TX_TIMESTAMPING_OPT_CB_FLAG = (1<<7),
> > >  /* Mask of all currently supported cb flags */
> > > -     BPF_SOCK_OPS_ALL_CB_FLAGS       = 0x7F,
> > > +     BPF_SOCK_OPS_ALL_CB_FLAGS       = 0xFF,
> > >  };
> > >
> > >  /* List of known BPF sock_ops operators.
> > > diff --git a/net/core/skbuff.c b/net/core/skbuff.c
> > > index 74149dc4ee31..5ff1a91c1204 100644
> > > --- a/net/core/skbuff.c
> > > +++ b/net/core/skbuff.c
> > > @@ -5539,6 +5539,21 @@ void skb_complete_tx_timestamp(struct sk_buff *skb,
> > >  }
> > >  EXPORT_SYMBOL_GPL(skb_complete_tx_timestamp);
> > >
> > > +static bool bpf_skb_tstamp_tx(struct sock *sk, u32 scm_flag,
> > > +                           struct skb_shared_hwtstamps *hwtstamps)
> > > +{
> > > +     struct tcp_sock *tp;
> > > +
> > > +     if (!sk_is_tcp(sk))
> > > +             return false;
> > > +
> > > +     tp = tcp_sk(sk);
> > > +     if (BPF_SOCK_OPS_TEST_FLAG(tp, BPF_SOCK_OPS_TX_TIMESTAMPING_OPT_CB_FLAG))
> > > +             return true;
> > > +
> > > +     return false;
> > > +}
> > > +
> > >  void __skb_tstamp_tx(struct sk_buff *orig_skb,
> > >                    const struct sk_buff *ack_skb,
> > >                    struct skb_shared_hwtstamps *hwtstamps,
> > > @@ -5551,6 +5566,9 @@ void __skb_tstamp_tx(struct sk_buff *orig_skb,
> > >       if (!sk)
> > >               return;
> > >
> > > +     if (bpf_skb_tstamp_tx(sk, tstype, hwtstamps))
> > > +             return;
> > > +
> >
> > Eventually, this whole feature could probably be behind a
> > static_branch.
> 
> You want to implement another toggle to control it? But for tx path
> "BPF_SOCK_OPS_TEST_FLAG(tp, BPF_SOCK_OPS_TX_TIMESTAMPING_OPT_CB_FLAG)"
> works as a per-netns toggle. I would like to know what you exactly
> want to do in the next move?

Not another toggle. A static branch that enables the datapath logic
when a BPF program becomes active. See also for instance ipv4_min_ttl.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ